I need every VM added to a given folder in vCenter to be added to an existing distributed switch port mirroring session. Is this possible using PowerCLI?
The following will add the VM ($vmName) to a specific port mirroring session ($mirrorSessionName) on a distributed switch ($dvSwName).
You can define the traffic direction(s) for which the VM needs to be added with the variables $Ingress and $Egress.
Note that there isn't any error checking in the script.
For example if the mirror session does not exist, the script will fail without an informative messages.
To repeat this script for all VMs in a specific folder should be not too difficult, I assume ?
$dvSwName = 'dvSw1'
$mirrorSessionName = 'Test'
$vmName = 'VM2'
$Ingress = $false
$Egress = $true
$dvSw = Get-VDSwitch -Name $dvSwName
$vm = Get-VM -Name $vmName
$vmNic = $vm.ExtensionData.Config.Hardware.Device |
where{$_.Backing -is [VMware.Vim.VirtualEthernetCardDistributedVirtualPortBackingInfo]}
$spec = New-Object VMware.Vim.VMwareDVSConfigSpec
foreach($mirrorSession in $dvSw.ExtensionData.Config.VspanSession){
if($mirrorSession.Name -eq $mirrorSessionName){
$vspan = New-Object VMware.Vim.VMwareDVSVspanConfigSpec
$vspan.Operation = [VMware.Vim.ConfigSpecOperation]::edit
$vmInRc = $mirrorSession.SourcePortReceived | where{$_.PortKey -contains $vmNic.Backing.Port.PortKey}
if($Ingress -and !$vmInRc){
$mirrorSession.SourcePortReceived.PortKey += $vmNic.Backing.Port.PortKey
}
$vmInTx = $mirrorSession.SourcePortTRansmitted | where{$_.PortKey -contains $vmNic.Backing.Port.PortKey}
if($Egress -and !$vmInTx){
$mirrorSession.SourcePortTransmitted.PortKey += $vmNic.Backing.Port.PortKey
}
$vspan.vspanSession = $mirrorSession
$spec.vspanConfigSpec += $vspan
}
}
$spec.ConfigVersion = $dvSw.ExtensionData.Config.ConfigVersion
$dvSw.ExtensionData.ReconfigureDvs($spec)
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Anyone?
(O LucD wherefore art thou)?
I'll have a look how this could be done, hold on.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
The following will add the VM ($vmName) to a specific port mirroring session ($mirrorSessionName) on a distributed switch ($dvSwName).
You can define the traffic direction(s) for which the VM needs to be added with the variables $Ingress and $Egress.
Note that there isn't any error checking in the script.
For example if the mirror session does not exist, the script will fail without an informative messages.
To repeat this script for all VMs in a specific folder should be not too difficult, I assume ?
$dvSwName = 'dvSw1'
$mirrorSessionName = 'Test'
$vmName = 'VM2'
$Ingress = $false
$Egress = $true
$dvSw = Get-VDSwitch -Name $dvSwName
$vm = Get-VM -Name $vmName
$vmNic = $vm.ExtensionData.Config.Hardware.Device |
where{$_.Backing -is [VMware.Vim.VirtualEthernetCardDistributedVirtualPortBackingInfo]}
$spec = New-Object VMware.Vim.VMwareDVSConfigSpec
foreach($mirrorSession in $dvSw.ExtensionData.Config.VspanSession){
if($mirrorSession.Name -eq $mirrorSessionName){
$vspan = New-Object VMware.Vim.VMwareDVSVspanConfigSpec
$vspan.Operation = [VMware.Vim.ConfigSpecOperation]::edit
$vmInRc = $mirrorSession.SourcePortReceived | where{$_.PortKey -contains $vmNic.Backing.Port.PortKey}
if($Ingress -and !$vmInRc){
$mirrorSession.SourcePortReceived.PortKey += $vmNic.Backing.Port.PortKey
}
$vmInTx = $mirrorSession.SourcePortTRansmitted | where{$_.PortKey -contains $vmNic.Backing.Port.PortKey}
if($Egress -and !$vmInTx){
$mirrorSession.SourcePortTransmitted.PortKey += $vmNic.Backing.Port.PortKey
}
$vspan.vspanSession = $mirrorSession
$spec.vspanConfigSpec += $vspan
}
}
$spec.ConfigVersion = $dvSw.ExtensionData.Config.ConfigVersion
$dvSw.ExtensionData.ReconfigureDvs($spec)
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
This is great - thanks a million!
Would be possible through this approach to add just a specific vNIC of a VM that has 2 or more vNICs?
In my scenario, I have 1 Firewall VM that has 4 vNICs configured and I would like to add just one of them. With the provided code, I was able to add all the vNIC on the vspanSession at once.
I have been trying to implement something like that but no success:
The condition to select the single vNIC in the VM could be based in either:
That seems possible?
Thanks a lot 🙂
To use the Portgroup, you could do something like this
$vmNic = (Get-NetworkAdapter -VM $vm | where{$_.NetworkName -eq <your-portgroup-name>}).ExtensionData
To use the vNIC label, you can use the same logic as in https://communities.vmware.com/t5/VMware-PowerCLI-Discussions/Remove-Port-Mirroring/td-p/2250195/jum...
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference